News broke earlier today that the UK government will allow Chinese tech giant Huawei to develop non-core parts of the country’s 5G infrastructure, marking the latest chapter in an international saga surrounding the company.
Although not an official announcement, the news appears to be in the form of a carefully managed leak that is apparently timed to coincide with the meeting of key intelligence heads from the US and UK at the CYBERUK conference in Glasgow today.
It’s an unusual choice of delivery, but one that is wholly in keeping with wildly politicised nature of the issue. Because while this is ostensibly a matter of selecting a technology partner, in reality it’s about the geopolitics surrounding global cybersecurity – an area in which Huawei has become an unfortunate figurehead.
The US has branded Huawei a security risk, calling on its allies in the intelligence-sharing group known as ‘Five Eyes’ – the UK, Canada, Australia and New Zealand – to block the company. It argues that Huawei’s 5G technologies can be used as a spying tool by the Chinese government, which is linked to a host of threat actors thought to be behind attacks on western infrastructure and businesses.
However, Huawei has repeatedly and vehemently denied these claims, arguing that there is no proof that it has ever acted in this way.
Australia has opted to follow US instructions, but the UK has been less keen, with the UK National Cyber Security Centre already recommending against an outright ban of the company.
However, while there is still a slice of technology influencing decision-makers, it’s clear that politics has become – and firmly remains – the driving force behind many of the decisions relating to the company.
The Huawei saga: Where technology meets politics
Despite the rampant politics that has sprung up around the Huawei saga, at the core of the issue is technological.
Around the world, governments are overseeing the installation of 5G networks that will be critical to future communications, promising a potential step-change in terms of speeds, data capacity and latency.
Huawei is a key player in this area, offering very competitive solutions to the extensive infrastructure that 5G requires. Without the politics, it would likely secure vast numbers of the contracts available, and in areas of the world not embroiled in these political concerns, it is doing so.
But with so many cybersecurity issues plaguing both businesses and governments, there is reason to be wary, and 5G infrastructure in particular does present fresh security concerns.
“5G equipment has national security implications because it will be the most advanced wireless communications network in the countries in which it is built,” Cyrus Mewawalla, head of thematic research at GlobalData, told Verdict.
The State of Technology This Week
“With Huawei increasingly controlling both the software layer and the hardware layer – particularly the semiconductor layer – within its equipment, it becomes more and more difficult for governments to ensure full security of a national communications network because of the ease of building backdoors or other embedded vulnerabilities within the semiconductor or software layer.”
This means that any company given 5G contracts is also being handed a certain level of trust by the government in question, which may explain why the UK appears to be hedging its bets with today’s leaked news.
By only allowing the company to provide non-core infrastructure, it is blocking Huawei from supplying infrastructure that handles areas such as device ID verification and call and data routing – which hold the greatest potential for security issues.
“If correct, I judge this to be simply further evidence that the UK is taking a pragmatic, risk-based approach to 5G and Huawei,” commented Malcom Taylor, former senior British intelligence officer and current Director of Cyber Advisory at ITC Secure.
“GCHQ and the NCSC, in the guise of the Huawei Cell, have apparently considered the risks and concluded that ‘controlled integration’ of Huawei into non-core elements of the network will provide the best outcome for telcos and end users, whilst engaging Chinese technology which works well and is cost effective. I find it very hard to argue with that approach.”
A political storm at every level
However, while the approach may be pragmatic, the political response has been anything but.
A string of senior Conservatives have expressed outraged concern over the news, with many suggesting that it could jeopardise the UK’s place in the Five Eyes intelligence community.
A similar response appears to be brewing in the US, with former US homeland security adviser Tom Bossert accusing prime minister Theresa May of ignoring the advice of UK security experts:
“I’m not sure what the prime minister was thinking but it seems to be against the advice of some of her security professionals,” he told Today.
Both at the national and international level, Huawei is increasingly proving to be an effective political tool, which is unlikely to be downed any time soon.
“I do expect this to be further politicised, and the timing is not great from a UK government perspective because of the Trump visit; the US are unlikely to be pleased,” said Taylor.
“Slightly awkward too that the Directors of GCHQ and of the NCSC are today meeting US counterparts at the conference in Glasgow. The timing of leaks is never accidental, it seems.”
Are the Huawei spying allegations really about the US tech industry?
Amidst the political storm, it is important to remember that at no point has there been any concrete proof that Huawei is acting on behalf of the Chinese government.
“Personally I don’t see an issue with the British government using Huawei in this way, because there’s currently no hard evidence of collusion between it and the Chinese government,” said Lawrence Jones MBE, founder and CEO of UKFast.
“It would be unfair to disadvantage a commercial business when there’s absolutely no evidence to date that they have done anything wrong. There is a great deal of fuss over Huawei and I am not sure anyone has provided any real evidence.”
Huawei itself has characterised the US’ role in the saga as a PR offensive against the company.
“The US government is using a lot of their resources, and resorting to political and diplomatic means to speak ill of us,” said Catherine Chen, a board director at Huawei, at a media roundtable last week.
“They have interfered in our business operations. This is quite uncommon. Although many companies from around the world have been around longer than us, they have seldom been treated like this.”
Chen pointed to claims by US government officials that there is “no doubt that we are controlled by the Chinese government and that we are definitely not secure”, questioning the lack of evidence to support this.
“Some of them are even saying that our offer to have our equipment tested to see if it is secure is pointless, because it’s obviously not,” she said.
“Really, if the US doesn’t think that technology or third-party testing can solve this issue, then they should propose their own way to resolve this. Are political attacks their only resort?”
For Jones, however, the US’ attacks against Huawei may be motivated more by economics than security.
“A lot of the noise around this is coming from the US, which has previously enjoyed complete dominance in the router and networking market and sees Chinese technology as a significant threat,” he said, pointing to the US’ own questionable security practices, which have not afforded the same security responses internationally.
“What we do know is that the US government has the right under the CLOUD Act to access and obtain data from any US company regardless of their physical jurisdiction, yet this seems to have gone largely unnoticed in the midst of the controversy surrounding Huawei.
“I don’t see anyone banning US vendors in spite of the potentially intrusive ruling of US government policy.”